April 25th, 2024

Fraud, Security & Risk Management Summit: New York

Event Overview

ISMG Summits feature carefully curated agendas delivering keynotes from industry luminaries, case-based learning, solution room workshops, private roundtable discussions, one-to-one networking and more. Our geo-targeted, industry-specific and topic-driven events provide actionable education for security leaders’ top priorities and challenges.

View our ISMG Event Experience video to see what your peers are saying about their participation. 

Venue

etc Madison Ave

360 Madison Ave, New York, NY 10017

NOTE:  All requests to attend will be reviewed by event staff and approved based on professional qualifications and event capacity.

Highlight Topics

  • Data Science as the Backbone of Predictive Cybersecurity Measures
  • Payment Fraud: Navigating the Complexities of Modern Threats
  • AI Ethics in Action: Balancing Fraud Prevention With Privacy Rights
  • Third-Party Risk Management: A Critical Component in the Cybersecurity Framework

        And much more!

Advisors

Thought Leaders Leading Deep-Dive Discussions on Stage

ISMG Summits bring the foremost thought leaders and educators in the security space on stage, at interactive workshops and networking events. Learn from the who’s who in the cybersecurity industry, passionate about the latest tools and technology to defend against threats.

Murli Nambiar

CISO, SBI

Atanu Roy

Group CIO, Biocon Group

Sachin Seth

CEO and MD, BSE Ebix Insurance Broking (BSE Ebix)

John Frushour

Vice President and Chief Information Security Officer, New York-Presbyterian Hospital

Claire Le Gal

SVP, Fraud Intelligence, Strategy & Cyber Products, Mastercard

Michael Gioia

CISO, Babson College

Karen Boyer

SVP Financial Crimes, M&T Bank

Fred Harris

Global Head of Risk & Compliance for Enterprise Technology & Operations, Citi

Brennan Lodge

Head of Analytic Engines Cybersecurity, HSBC

Jagathi Gade

Global Head of Risk Engineering, Square

Claire Le Gal

SVP, Fraud Intelligence, Strategy & Cyber Products, Mastercard

Matanda Doss

Executive Director - Cybersecurity and Technology Controls, J.P. Morgan & Chase

Brian Schaeffer

CIO, OceanFirst Bank

Laura Deaner

CISO, Northwestern Mutual

Umesh Yerram

Global CISO, Cboe Global Markets

Kevin Li

CISO, Cohen & Steers

Michael DeNicola

Supervisory Special Agent, FBI

La Monte Yarborough

CISO, Acting Deputy CIO, HHS

Karen Boyer

SVP Financial Crimes, M&T Bank

Fred Harris

Global Head of Risk & Compliance for Enterprise Technology & Operations, Citi

Davinder Rodey

Managing Director, CISO, Mizuho Americas

Speakers

Thought Leaders Leading Deep-Dive Discussions on Stage

ISMG Summits bring the foremost thought leaders and educators in the security space to the stage, interactive workshops and networking events. Learn from the “who’s who” in cybersecurity passionate about the latest tools and technology to defend against threats 

Agenda

You can now view or download a PDF version of the attendee guide.

Registration & Breakfast

La Monte Yarborough

CISO, Acting Deputy CIO, U.S. Department of Health & Human Services

Laura Deaner

CISO, Northwestern Mutual

David Ortiz

CISO, Church & Dwight Co.

Preston Miller

Director, Unit 42 by Palo Alto Networks

Threat Intelligence: Proactive Security Posture Against Evolving Adversaries

To effectively mitigate and respond to attacks, organizations must understand the latest capabilities and threats being deployed by their adversaries.

This session will equip CISOs with the latest analysis on the global threat landscape, the ways in which bad actors are leveraging emerging technologies to exploit traditional weaknesses, and bold strategies for combatting new and evolving threats.

Key takeaways will include:

  • Integrating new threat intelligence protectively into a robust risk management framework.
  • Analyzing the rise in zero-day attacks and the blind spots they exploit.
  • Understanding how AI/ML capabilities are being leveraged by adversaries for future attacks and how they can be leveraged to neutralize them.
  • Considering the role of behavioral analytics in enhancing threat detection capabilities.

La Monte Yarborough, CISO, Acting Deputy CIO, HHS

Laura Deaner, CISO, Northwestern Mutual

David Ortiz, CISO, Church & Dwight

Preston Miller, Director, Unit 42 by Palo Alto Networks

Chris Wysopal

CTO & Co-Founder, Veracode

The Crossroads of AI and Application Security

Although, as with any new technology, it brings its own risks, including incorrect code suggestions and more intelligent malware attacks. Join this session to explore how to harness AI tools to work for you while ensuring your organization stays secure.

Chris Wysopal, CTO & Co-Founder, Veracode

Matanda Doss

Executive Director - Cybersecurity and Technology Controls, J.P. Morgan

Michael DeNicola

Supervisory Special Agent, Cyber Division, FBI

Karen Boyer

SVP Financial Crimes, M&T Bank

Claire Le Gal

SVP, Fraud Intelligence, Strategy & Cyber Products, Mastercard

Payment Fraud: Navigating the Complexities of Modern Threats

This session provides a comprehensive exploration of the evolving landscape of payment fraud, shedding light on the latest threats, detection strategies, and proactive measures to safeguard financial transactions.
 
Join us as we delve into the cutting-edge of payment fraud prevention, examining rising threats such as account takeovers and synthetic identity fraud. Our expert panel will explore critical topics including authentication techniques, data security practices, and adherence to regulatory standards, while also addressing the growing risks associated with social engineering and the specific challenges faced in securing mobile payments.
 
Attendees will gain a comprehensive understanding of the latest trends, vulnerabilities and strategies essential for effectively combating payment fraud as well as:
 
  • The evolving face of payment fraud: Unpacking new trends and their industry impact
  • Uncovering weaknesses in digital payments: Lessons from real-world exploits
  • Harnessing AI for fraud prevention: The transformative role of machine learning
  • Mastering the maze of international fraud: Tackling cross-border payment challenges

Matanda Doss, Executive Director – Cybersecurity and Technology Controls,

J.P. Morgan

Michael DeNicola, Supervisory Special Agent, Cyber Division, FBI

Karen Boyer, SVP Financial Crimes, M&T Bank

Claire Le Gal, SVP, Fraud Intelligence, Strategy & Cyber Products, Mastercard

Brig. General (Ret.) Ran Shahor

Co-Founder, CEO & Board Member, HolistiCyber

Defending the Vault: Crafting and Optimizing Cyber Defense Plans in the Face of Geopolitical Tensions

Profit motive and minimal risk of being caught motivate cyberattackers. Nation-state-grade tools leaked to the darknet, often supported by certain nations, make their task easier.

Cyber defenders face a shortage of skilled professionals, especially those experienced in countering such attacks.

Also, CISOs lack dynamic tools to create and optimize strategic cyber defense plans, elevating risks and costs for financial companies.

Enter SAGE – The CISO’s co-pilot, a revolutionary cyber defense planning and optimization platform.

You will learn how SAGE helps CISOs to bridge critical gaps in cyber defense planning, enabling financial organizations to navigate cyberthreats effectively, reduce risk, elevate their cybersecurity posture, communicate to the board of directors and protect their revenue and reputation.

Brig. General (Ret.) Ran Shahor, Co-Founder, CEO & Board Member,

HolistiCyber

Networking & Exhibition Break

John Frushour

Vice President and Chief Information Security Officer, New York, Presbyterian Hospital

David Anderson

Vice President of Cyber, Woodruff Sawyer

Fred Harris

Global Head of Risk & Compliance for Enterprise Technology & Operations, Citi

Robert Wood

CISO, Centers for Medicare & Medicaid Services

Third-Party Risk Management: A Critical Component in the Cybersecurity Framework

CISOs must recognize that third-party risk management is not just an add-on to the cybersecurity agenda but a central piece of the overall strategy to safeguard their organizations in the digital landscape.

This discussion delves into:

  • The significance of implementing a solid vendor risk management framework and the potential consequences of oversight failures.
  • Tactical approaches for managing vendors that present a higher level of risk.
  • The utilization of metrics and external notifications to monitor and mitigate third-party risks effectively.

John Frushour, Vice President and CISO, NewYork-Presbyterian Hospital

David Anderson, Vice President of Cyber, Woodruff Sawyer

Fred Harris, Global Head of Risk & Compliance for Enterprise Technology &

Operations, Citi

Robert Wood, CISO, Centers for Medicare & Medicaid Services

Matanda Doss

Executive Director - Cybersecurity and Technology Controls, JP Morgan

Michael DeNicola

Supervisory Special Agent, Cyber Division, FBI

Karen Boyer

SVP Financial Crimes, M&T Bank

Claire Le Gal

SVP, Fraud Intelligence, Strategy & Cyber Products, Mastercard

Stephen Johnson

VP of Solutions Engineering, Entro Security

Reclaim Control Over Your Secrets

R&D teams create and scatter secrets across vaults, code, collaboration solutions and more without any oversight or control by security teams. Secret-based breaches are among the top three attack vectors, and they are the most destructive.

What is the solution needed to protect organizations from exposed secrets? How can you detect, safeguard and provide context for secrets stored across vaults, source code, collaboration tools, cloud environments and SaaS platforms?

Introducing Entro’s Secrets Security and Management Platform, which is designed specifically for CISOs and security teams to provide them with full oversight and the ability to govern any secret from a single pane of glass, integrating into all places in which secrets can be found, including BYOV – bring your own vault.

Stephen Johnson, VP of Solutions Engineering, Entro Security

Shashank Golla

Product Marketing Manager, Wiz

Cloud Security Maturity and the Need for Proactive and Reactive Approaches

So, what is the right approach?

The answer is both. But which approach should be the focus today depends on the enterprise’s security maturity.

In this session, we will discuss:

  • What cloud security maturity is and the path to achieving it;
  • Creating an effective security backstop with cloud detection and response;
  • How reactive security should be an enabler for proactive security.

Shashank Golla, Product Marketing Manager, Wiz

Robert O'Leary

CFCE, Senior Solutions Architect, Binalyze

Proactive Threat Hunting for Enterprise Organizations

Learn the latest methodologies, tools and best practices that SOC analysts and incident responders use to detect and neutralize emerging cyberthreats. Through real-world examples, you will learn how to leverage threat intelligence, conduct network and endpoint analysis, apply machine learning algorithms, and foster a collaborative security culture.

Robert O’Leary, CFCE, Senior Solutions Architect, Binalyze

Theresa Lanowitz

Head Evangelism and Research, AT&T Cybersecurity

Breaking Down Silos Toward a Secure Future

Based on new research, Theresa Lanowitz explains how these new relationships drive innovation focused on business requirements, increase resilience, and improve security.
 
She will share the business drivers for edge use cases and explain how organizations are shifting budgets to support and secure these initiatives.

Theresa Lanowitz, Head Evangelism and Research, AT&T Cybersecurity

Lunch & Exhibition Break

David Anderson

Vice President of Cyber, Woodruff Sawyer

Davinder Rodey

CISO, Mizuho Americas

Patrick Keating

SVP, CISO, Sterling Bank & Trust

Walker Newell

Vice President, Securities Litigation and Enforcement, Woodruff Sawyer

Adapting to Enhanced SEC Scrutiny: Strategies for CISOs Post-SolarWinds

This year, the SEC significantly ratcheted up the pressure on public companies – and CISOs. In July, the SEC adopted new rules giving the government more avenues to second-guess good-faith cybersecurity disclosure decisions. Then, in November, the SEC sued SolarWinds and its CISO for fraud, marking the start of a new era in cybersecurity enforcement.
 
In this discussion, our esteemed panel will provide an inside perspective on SEC risk – and mitigation – for CISOs and other security professionals in the wake of SolarWinds ruling, including:
  • How the SEC approached cybersecurity cases before SolarWinds ruling, and the new rules 
  • How SolarWinds ruling and the new rules are likely to influence future SEC enforcement activities
  • Lessons for CISOs from the SolarWinds ruling
  • How CISOs can navigate an enhanced role in the disclosure process
  • Key indemnification and insurance considerations

David Anderson, Vice President of Cyber, Woodruff Sawyer

Walker Newell, Vice President, Securities Litigation and Enforcement, Woodruff Sawyer

Davinder Rodey, CISO, Mizuho Americas

Patrick Keating, SVP, CISO, Sterling Bank & Trust

 

Fred Harris

Global Head of Risk & Compliance for Enterprise Technology & Operations, Citi

David Anderson

Vice President of Cyber, Woodruff Sawyer

Claire Le Gal

SVP, Fraud Intelligence, Strategy & Cyber Products, Mastercard

Kevin Cooke

Senior Special Agent, United States Secret Service

Deepfakes, Real Stakes: Unmasking Cyber Deception in a High-Stakes Interactive Tabletop Simulation

This interactive session is meticulously crafted to mimic a sophisticated cyberattack. It aims to bolster strategic response capabilities and enhance operational readiness against the backdrop of advanced cyberthreats. The focal point of this exercise is a strategically crafted deepfake incident targeting a corporate executive, weaving together elements of social engineering, financial fraud, and the challenges posed by emerging technological threats.

What you will gain from this experience:

  • Enhanced Organizational Readiness: To critically assess and improve organizational preparedness in response to intricate cyber incidents involving deepfake technology and social engineering.
  • Interagency Collaboration and Knowledge Exchange: To strengthen the partnership and information sharing between the Secret Service and leaders in the private sector cybersecurity community.
  • Strategic Response Development: To create all-encompassing incident response strategies that cover legal, technical and communicational facets, while also identifying and rectifying weaknesses in existing cybersecurity policies and governance.

Kevin Cooke, Senior Special Agent, United States Secret Service

Vlad Brodsky, CIO & CISO, OTC Markets Group

Fred Harris, Global Head of Risk & Compliance for Enterprise Technology &

Operations, Citi

David Anderson, Vice President of Cyber, Woodruff Sawyer

Claire Le Gal, SVP, Fraud Intelligence, Strategy & Cyber Products, Mastercard

David Ortiz, CISO, Church & Dwight Co.

John Frushour, VP, CISO, NewYork-Presbyterian Hospital

Walker Newell, Vice President, Securities Litigation and Enforcement, Woodruff Sawyer

Karen Boyer, SVP, Financial Crimes, M&T Bank

Christopher Hills

Chief Security Strategist, BeyondTrust

Identity Defense in Finance: Confronting the Emerging Threat Landscape

The discussion will touch upon key issues such as third-party vendor access, privilege elevation, vulnerability awareness, and how an identity-first security approach leads to zero trust and lower cyber insurance premiums.

Attendees will learn about market trends, emerging threats and risk mitigation strategies related to identity privilege. Join us for valuable insight into the future of identity security.

Christopher Hills, Chief Security Strategist, BeyondTrust

 

John Gunn

CEO, Token

How Cybercriminals Are Weaponizing Generative AI and How You Can Respond

Learn how the incredible power of generative AI is arming cybercriminals with formidable new capabilities and transforming them into much more dangerous digital adversaries. This session explores the impact of generative AI on the most dangerous attack methods, along with the next-generation defense strategies that will become necessary.

John Gunn, CEO, Token

Networking & Exhibition Break

Fred Harris

Global Head of Risk & Compliance for Enterprise Technology & Operations, Citi

Kevin Li

CISO, Cohen & Steers Capital Management

Robert Wood

CISO, Centers for Medicare & Medicaid Services

Claire Le Gal

SVP, Fraud Intelligence, Strategy & Cyber Products, Mastercard

Enhancing Collaborative Risk Management: Unifying the Approach to Fraud, Cyber and Tech Risks

The panel will focus on the importance of establishing a common language across different risk domains and explore how fostering interdisciplinary communication and understanding is crucial for timely and effective response to threats, aligning different departments under a unified risk management objective.
In this discussion, our esteemed panel will:

  • Examine the collaborative frameworks that enable CISOs and IT teams to seamlessly integrate security measures with everyday IT operations.
  • Highlight success stories that showcase the benefits of these partnerships, emphasizing efficient risk mitigation and the development of a robust cybersecurity culture.
  • Offer insights on how to establish a shared language for risk communication, the formation of interdisciplinary teams, and the importance of vigilant monitoring and rapid response systems.
  • Discuss the critical role of CISOs in championing security investments and the necessity of executive support to foster an organizational environment that prioritizes cybersecurity awareness.

Fred Harris, Global Head of Risk & Compliance for Enterprise Technology &

Operations, Citi

Kevin Li, CISO, Cohen & Steers Capital Management

Robert Wood, CISO, Centers for Medicare & Medicaid Services

Claire Le Gal, SVP, Fraud Intelligence, Strategy & Cyber Products, Mastercard

Jagathi Gade, Global Head of Risk Engineering, Square

Sean Mack

Former CISO, Wiley; ISMG Contributor

Karen Boyer

SVP, Financial Crimes, M&T Bank

John Frushour

Vice President and Chief Information Security Officer, New York Presbyterian Hospital

Umesh Yerram

Global CISO, Cboe Global Markets

Intelligence Amplified: Data Science's Role in Cyberthreat Forecasting

Its role in analyzing past incidents and identifying future vulnerabilities is essential across organizational silos and industries.
 
In this exclusive session, our panel will take a deep dive into the dual significance of leveraging data science to not only fortify security posture but also to proactively enhance organizational readiness. Key areas of discussion will include:
 
  • Predictive Analytics for Security Posture: Unveiling effective methods to harness predictive analytics and thoroughly assess existing security posture.
  • Data Science in Threat Intelligence: Delving into how data science can process vast amounts of cyberthreat intelligence to predict and prevent attacks.
  • Machine Learning Algorithms for Pattern Recognition: An in-depth examination of how machine learning algorithms can assimilate knowledge from past security incidents to identify patterns and prevent future breaches.
  • Collaborative Data Initiatives: An exploration of the significance of data sharing across organizational boundaries, emphasizing the collective strength derived from collaborative defense efforts.
  • Role of Education in Cybersecurity: Shining a light on the indispensable role of education in building, upskilling and retaining adaptive, vigilant teams.

Sean Mack, Former CISO, Wiley; ISMG Contributor

Brennan Lodge, Head of Analytic Engines Cybersecurity, HSBC

Karen Boyer, SVP, Financial Crimes, M&T Bank 

John Frushour, Vice President and Chief Information Security Officer, 

NewYork-Presbyterian Hospital

Umesh Yerram, Global CISO, Cboe Global Markets

Closing Comments

Don’t miss your chance to attend this dynamic impactful event

#ISMGSummit

@ISMG_News

Sponsors

Entro Security logo

The Summit Experience

CPE Credits

Our summits offer Continuing Education Credits. Learn informative and engaging content created specifically for security professionals.

Register

RSVP here to attend our events. You can select for multiple or individual tickets.

NOTE:  All requests to attend will be reviewed by event staff and approved based on professional qualifications and event capacity.

Upcoming ISMG Events

April 10, 2024

Strategies and Mandates for Phishing-Resistant MFA in Financial Services and Healthcare

March 13, 2024

CIO Business Transformation Awards and Summit

March 6, 2024

Driving Autonomy and Automation to Maximize Security Defenses

April 16, 2024

Cybersecurity Implications of AI Summit: North America West Summit

June 13, 2024

Cybersecurity & Business Transformation Summit: Bengaluru​

Upcoming ISMG Events

March 6, 2024

Driving Autonomy and Automation to Maximize Security Defenses

April 16, 2024

Cybersecurity Implications of AI Summit: North America West Summit

March 13, 2024

CIO Business Transformation Awards and Summit